mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-01-08 21:17:47 +03:00
meson: add config setting to select between openssl and gcrypt
This is not pretty, but it is supposed to be only a temporary measure.
This commit is contained in:
parent
ade99252e2
commit
57633d2376
20
meson.build
20
meson.build
@ -1523,6 +1523,18 @@ else
|
|||||||
endif
|
endif
|
||||||
conf.set10('ENABLE_REPART', have)
|
conf.set10('ENABLE_REPART', have)
|
||||||
|
|
||||||
|
# We support one or the other. If gcrypt is available, we assume it's there to
|
||||||
|
# be used, and use it in preference.
|
||||||
|
opt = get_option('cryptolib')
|
||||||
|
if opt == 'openssl' and conf.get('HAVE_OPENSSL') == 0
|
||||||
|
error('openssl requested as the default cryptolib, but not available')
|
||||||
|
endif
|
||||||
|
conf.set10('PREFER_OPENSSL',
|
||||||
|
opt == 'openssl' or (opt == 'auto' and conf.get('HAVE_OPENSSL') == 1 and conf.get('HAVE_GCRYPT') == 0))
|
||||||
|
conf.set10('HAVE_OPENSSL_OR_GCRYPT',
|
||||||
|
conf.get('HAVE_OPENSSL') == 1 or conf.get('HAVE_GCRYPT') == 1)
|
||||||
|
lib_openssl_or_gcrypt = conf.get('PREFER_OPENSSL') == 1 ? libopenssl : libgcrypt
|
||||||
|
|
||||||
want_importd = get_option('importd')
|
want_importd = get_option('importd')
|
||||||
if want_importd != 'false'
|
if want_importd != 'false'
|
||||||
have = (conf.get('HAVE_LIBCURL') == 1 and
|
have = (conf.get('HAVE_LIBCURL') == 1 and
|
||||||
@ -4023,6 +4035,14 @@ else
|
|||||||
found += 'static-libudev(@0@)'.format(static_libudev)
|
found += 'static-libudev(@0@)'.format(static_libudev)
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
if conf.get('HAVE_OPENSSL_OR_GCRYPT') == 1 and conf.get('PREFER_OPENSSL') == 1
|
||||||
|
found += 'cryptolib(openssl)'
|
||||||
|
elif conf.get('HAVE_OPENSSL_OR_GCRYPT') == 1
|
||||||
|
found += 'cryptolib(gcrypt)'
|
||||||
|
else
|
||||||
|
missing += 'cryptolib'
|
||||||
|
endif
|
||||||
|
|
||||||
if conf.get('DNS_OVER_TLS_USE_GNUTLS') == 1
|
if conf.get('DNS_OVER_TLS_USE_GNUTLS') == 1
|
||||||
found += 'DNS-over-TLS(gnutls)'
|
found += 'DNS-over-TLS(gnutls)'
|
||||||
elif conf.get('DNS_OVER_TLS_USE_OPENSSL') == 1
|
elif conf.get('DNS_OVER_TLS_USE_OPENSSL') == 1
|
||||||
|
@ -380,6 +380,8 @@ option('gnutls', type : 'combo', choices : ['auto', 'true', 'false'],
|
|||||||
description : 'gnutls support')
|
description : 'gnutls support')
|
||||||
option('openssl', type : 'combo', choices : ['auto', 'true', 'false'],
|
option('openssl', type : 'combo', choices : ['auto', 'true', 'false'],
|
||||||
description : 'openssl support')
|
description : 'openssl support')
|
||||||
|
option('cryptolib', type : 'combo', choices : ['auto', 'openssl', 'gcrypt'],
|
||||||
|
description : 'whether to use openssl or gcrypt where both are supported')
|
||||||
option('p11kit', type : 'combo', choices : ['auto', 'true', 'false'],
|
option('p11kit', type : 'combo', choices : ['auto', 'true', 'false'],
|
||||||
description : 'p11kit support')
|
description : 'p11kit support')
|
||||||
option('libfido2', type : 'combo', choices : ['auto', 'true', 'false'],
|
option('libfido2', type : 'combo', choices : ['auto', 'true', 'false'],
|
||||||
|
@ -5,6 +5,8 @@
|
|||||||
|
|
||||||
#if HAVE_OPENSSL
|
#if HAVE_OPENSSL
|
||||||
# include <openssl/bio.h>
|
# include <openssl/bio.h>
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# include <openssl/err.h>
|
||||||
# include <openssl/evp.h>
|
# include <openssl/evp.h>
|
||||||
# include <openssl/pkcs7.h>
|
# include <openssl/pkcs7.h>
|
||||||
# include <openssl/ssl.h>
|
# include <openssl/ssl.h>
|
||||||
@ -13,7 +15,15 @@
|
|||||||
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509*, X509_free, NULL);
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509*, X509_free, NULL);
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509_NAME*, X509_NAME_free, NULL);
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509_NAME*, X509_NAME_free, NULL);
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY_CTX*, EVP_PKEY_CTX_free, NULL);
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY_CTX*, EVP_PKEY_CTX_free, NULL);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY*, EVP_PKEY_free, NULL);
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER_CTX*, EVP_CIPHER_CTX_free, NULL);
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER_CTX*, EVP_CIPHER_CTX_free, NULL);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(RSA*, RSA_free, NULL);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_KEY*, EC_KEY_free, NULL);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_POINT*, EC_POINT_free, NULL);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_GROUP*, EC_GROUP_free, NULL);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIGNUM*, BN_free, NULL);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BN_CTX*, BN_CTX_free, NULL);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(ECDSA_SIG*, ECDSA_SIG_free, NULL);
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(PKCS7*, PKCS7_free, NULL);
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(PKCS7*, PKCS7_free, NULL);
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(SSL*, SSL_free, NULL);
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(SSL*, SSL_free, NULL);
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIO*, BIO_free, NULL);
|
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIO*, BIO_free, NULL);
|
||||||
@ -29,5 +39,24 @@ static inline void sk_X509_free_allp(STACK_OF(X509) **sk) {
|
|||||||
int rsa_encrypt_bytes(EVP_PKEY *pkey, const void *decrypted_key, size_t decrypted_key_size, void **ret_encrypt_key, size_t *ret_encrypt_key_size);
|
int rsa_encrypt_bytes(EVP_PKEY *pkey, const void *decrypted_key, size_t decrypted_key_size, void **ret_encrypt_key, size_t *ret_encrypt_key_size);
|
||||||
|
|
||||||
int rsa_pkey_to_suitable_key_size(EVP_PKEY *pkey, size_t *ret_suitable_key_size);
|
int rsa_pkey_to_suitable_key_size(EVP_PKEY *pkey, size_t *ret_suitable_key_size);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if PREFER_OPENSSL
|
||||||
|
/* The openssl definition */
|
||||||
|
typedef const EVP_MD* hash_md_t;
|
||||||
|
typedef const EVP_MD* hash_algorithm_t;
|
||||||
|
typedef int elliptic_curve_t;
|
||||||
|
typedef EVP_MD_CTX* hash_context_t;
|
||||||
|
# define OPENSSL_OR_GCRYPT(a, b) (a)
|
||||||
|
|
||||||
|
#elif HAVE_GCRYPT
|
||||||
|
|
||||||
|
# include <gcrypt.h>
|
||||||
|
|
||||||
|
/* The gcrypt definition */
|
||||||
|
typedef int hash_md_t;
|
||||||
|
typedef const char* hash_algorithm_t;
|
||||||
|
typedef const char* elliptic_curve_t;
|
||||||
|
typedef gcry_md_hd_t hash_context_t;
|
||||||
|
# define OPENSSL_OR_GCRYPT(a, b) (b)
|
||||||
#endif
|
#endif
|
||||||
|
Loading…
Reference in New Issue
Block a user